{ "version": 4, "terraform_version": "1.12.2", "serial": 1850, "lineage": "751616a2-db32-0edf-7258-3ba00b4868bd", "outputs": {}, "resources": [ { "mode": "data", "type": "ct_config", "name": "control_plane1_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 755\n - path: /etc/kubernetes/manifests\n #overwrite: true\n mode: 0755\n - path: /etc/install-calico\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n control-plane1\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::91/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.91/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n - path: \"/etc/install-calico/custom-resources.yaml\"\n overwrite: true\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/custom-resources.yaml\"\n\n - path: /etc/kubernetes/kubeadm-init.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: InitConfiguration\n bootstrapTokens:\n - token: \"kvg1hc.t3rewovrps426rof\"\n description: \"default kubeadm bootstrap token\"\n ttl: \"0\"\n nodeRegistration:\n name: control-plane1\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::91\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n localAPIEndpoint:\n advertiseAddress: \"fd00:0:0:2::91\"\n bindPort: 6443\n certificateKey: \"fee7c3e5cfcac7e4774c6efca0464a42d897f30f7300340d6578b5cfb4a3d34b\"\n ---\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: ClusterConfiguration\n controlPlaneEndpoint: \"[fd00:0:0:2::100]:6443\"\n networking:\n podSubnet: \"fd00:0:0:a::/64,10.0.10.0/24\"\n serviceSubnet: \"fd00:0:0:f:1::/108,10.0.91.0/24\"\n dnsDomain: \"k8s.undercloud.local\"\n controllerManager:\n extraArgs:\n flex-volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n bind-address: '::'\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8s.undercloud.local\"\n volumePluginDir: /opt/libexec/kubernetes/kubelet-plugins/volume/exec\n cgroupDriver: \"systemd\"\n\n - path: /etc/kubernetes/calico.yaml\n mode: 0644\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calico.yaml\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n\n ExecStart=/bin/sh -c 'echo \"setting timezone to Europe/Berlin\"'\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-init.service\n enabled: true\n contents: |\n [Unit]\n Description=Kubeadm Init Cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n ConditionPathExists=!/etc/kubernetes/kubelet.conf\n\n [Service]\n Type=oneshot\n StandardOutput=journal+console\n StandardError=journal+console\n\n ExecStart=/bin/sh -c 'echo \"kubeadm-init.service started...\"'\n\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n ExecStart=/bin/sh -c 'echo \"running kubeadm init...\"'\n ExecStart=/opt/bin/kubeadm init --upload-certs --config=/etc/kubernetes/kubeadm-init.yaml\n \n # copy files for kubectl\n ExecStart=/bin/sh -c 'echo \"copying files (admin.conf) to core home folder.\"'\n ExecStartPost=/usr/bin/mkdir -p /home/core/.kube\n ExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\n ExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\n \n ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n [Install]\n WantedBy=multi-user.target\n - name: install-calico.service\n enabled: true\n contents: |\n [Unit]\n Wants=kubeadm-init.target\n After=kubeadm-init.target\n\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n\n ExecStart=/bin/sh -c 'echo \"install.calico.service started...\"'\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin\n Type=oneshot\n StandardOutput=journal+console\n StandardError=journal+console\n ExecStart=/bin/sh -c 'echo \"witing 30s...\"'\n ExecStart=/bin/sleep 30s\n ExecStart=/bin/sh -c 'echo \"create calico namespace...\"'\n ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/namespace.yaml\n ExecStart=/bin/sh -c 'echo \"install tigera operator...\"'\n ExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/operator-crds.yaml\n ExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/tigera-operator.yaml\n ExecStart=/bin/sh -c 'echo \"witing 60s...\"'\n ExecStart=/bin/sleep 60s\n ExecStart=/bin/sh -c 'echo \"witing for tigera operator... (20mini max)\"'\n ExecStart=/opt/bin/kubectl wait deployment -n tigera-operator tigera-operator --for condition=Available=True --timeout=1200s\n ExecStart=/bin/sh -c 'echo \"create clico custom ressources...\"'\n ExecStart=/opt/bin/kubectl create -f /etc/install-calico/custom-resources.yaml\n \n ExecStart=/bin/sh -c 'echo \"witing 3m..\"'\n ExecStart=/bin/sleep 3m\n #ExecStart=/bin/sh -c 'echo \"apply calico (calico-apiserver)...\"'\n #ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico.yaml\n #ExecStart=/bin/sh -c 'echo \"witing 1m...\"'\n #ExecStart=/bin/sleep 1m\n ExecStart=/bin/sh -c 'echo \"witing calico-apiserver... (20mini max)\"'\n ExecStart=/opt/bin/kubectl wait deployment -n calico-apiserver calico-apiserver --for condition=Available=True --timeout=1200s\n ExecStart=/bin/sh -c 'echo \"witing 120s...\"'\n ExecStart=/bin/sleep 2m\n ExecStart=/bin/sh -c 'echo \"apply calico-peers...\"'\n ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico-peer.yaml\n ExecStart=/bin/sh -c 'echo \"witing 60s...\"'\n ExecStart=/bin/sleep 1m\n ExecStart=/bin/sh -c 'echo \"apply calico-ippools...\"'\n ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/ippools.yaml\n \n #ExecStart=/bin/sh -c 'echo \"witing for whisker..\"'\n #ExecStart=/opt/bin/kubectl wait deployment -n calico-system whisker --for condition=Available=True --timeout=1200s\n #ExecStart=/bin/sh -c 'echo \"port-forward -n calico-system service/whisker 8081:8081\"'\n #ExecStart=/opt/bin/kubectl port-forward -n calico-system service/whisker 8081:8081\n \n ExecStart=/usr/bin/systemctl disable install-calico.service\n #RemainAfterExit=true\n Restart=on-failure\n RestartSec=120s\n [Install]\n WantedBy=multi-user.target\n - name: install-argocd.service\n enabled: true\n contents: |\n [Unit]\n Wants=install-calico.target\n After=install-calico.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin\n Type=oneshot\n\n ExecStart=/opt/bin/kubectl wait deployment -n kube-system coredns --for condition=Available=True --timeout=600s\n \n ExecStart=/bin/sleep 1m\n ExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/namespace.yaml\n ExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/install.yaml\n ExecStart=/opt/bin/kubectl wait deployment -n argocd argocd-server --for condition=Available=True --timeout=600s\n \n #ExecStart=/bin/sleep 10s\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-bootstrap.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-apps.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/argocd.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/calico.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/rook-ceph.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/gitea.yaml\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/argocd/argocd-secret.yaml\n ##ExecStart=/bin/sleep 10m\n #ExecStart=/opt/bin/kubectl wait deployment -n gitea gitea --for condition=Available=True --timeout=4800s\n #ExecStart=/bin/sleep 10m\n #ExecStart=/opt/bin/kubectl apply -n argocd -f http://gitea.gitea.svc.k8aux.undercloud.cf:3000/undercloud/k8aux-apps/raw/branch/main/app-of-apps/app-of-apps.yaml\n \n ExecStart=/usr/bin/systemctl disable install-argocd.service\n Restart=on-failure\n RestartSec=120s\n [Install]\n WantedBy=multi-user.target", "id": "1696794206", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 755\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/manifests\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/install-calico\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane1%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrS0N9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LQ30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//szh4MqsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/install-calico/custom-resources.yaml\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/custom-resources.yaml\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-init.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6xSQWvbMBi961cIXXqZLTtW41S3rO2hlEFYxy5jB1n67AorkpFkN92vH7KTrGGFjTECQeD33vfe9z4x6K/gg3aW435sQKh93m9Crh2dygaiqFCvreL4wep462yru9GLqJ1FjXMxRC+GL64HGzjCOMMxvTkm/dSVzzKPlYcXN/khsNXau5YgjDFWEKTXQ5ynEgWtGE08jcdn3UVsocRoOCYFQdYp+AydTohZAGFsxR44ls5G70w2GGGhRBhLr5+c7CFyPFp94JRSP1qacEJb8OrNMw9O9gjPJgzE+0P0Yuu7ORXGaWimB45Jq4qCp9+K85ty8TY5M+4hG8zYaZsp7Tkm1A2RGt3AASRNot5ChECP+kdwoAuXzjCCjJPCbHcP91YNTtuYpgs1gY86wFYpDyG8a6LRVu2cjxyvGauQTIxWSxHhEV4TA6CWFVzLVgpZA6trJtfQSlGwNRNspTY3dVsVbV0VRcUKtb6uN821bBsmKlWxhqAsy9BfH8utGUMEf3kvx352qZ5zQEy+vU1TFsV3niIQZCG+ON9r26UtDE49jY1NXf6KLzina/ahLPIiT390xdIyAvhJS/gd3/KSc1oWm4VyU54pyoY7txd6Pt1NyEerwEvjRpXPnZCTewP+k7CiA59cweWZtAYO2f+7hiSZis3Eqfkrzq/ebcJAzOW87ctCymMhjwvmspCzLOGcoGcQJj7/+Kit2l58kEuZf9jPYn03B7lLof8hM5Kdd+Nw5/UEaW3hNUTYK4J+BgAA///wuZ+zpgQAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/calico.yaml\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calico.yaml\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\n\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"setting timezone to Europe/Berlin\\\"'\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Kubeadm Init Cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\nConditionPathExists=!/etc/kubernetes/kubelet.conf\\n\\n[Service]\\nType=oneshot\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"kubeadm-init.service started...\\\"'\\n\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\nExecStart=/bin/sh -c 'echo \\\"running kubeadm init...\\\"'\\nExecStart=/opt/bin/kubeadm init --upload-certs --config=/etc/kubernetes/kubeadm-init.yaml\\n\\n# copy files for kubectl\\nExecStart=/bin/sh -c 'echo \\\"copying files (admin.conf) to core home folder.\\\"'\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\nExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-init.service\"\n },\n {\n \"contents\": \"[Unit]\\nWants=kubeadm-init.target\\nAfter=kubeadm-init.target\\n\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"install.calico.service started...\\\"'\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin\\nType=oneshot\\nStandardOutput=journal+console\\nStandardError=journal+console\\nExecStart=/bin/sh -c 'echo \\\"witing 30s...\\\"'\\nExecStart=/bin/sleep 30s\\nExecStart=/bin/sh -c 'echo \\\"create calico namespace...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/namespace.yaml\\nExecStart=/bin/sh -c 'echo \\\"install tigera operator...\\\"'\\nExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/operator-crds.yaml\\nExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/tigera-operator.yaml\\nExecStart=/bin/sh -c 'echo \\\"witing 60s...\\\"'\\nExecStart=/bin/sleep 60s\\nExecStart=/bin/sh -c 'echo \\\"witing for tigera operator... (20mini max)\\\"'\\nExecStart=/opt/bin/kubectl wait deployment -n tigera-operator tigera-operator --for condition=Available=True --timeout=1200s\\nExecStart=/bin/sh -c 'echo \\\"create clico custom ressources...\\\"'\\nExecStart=/opt/bin/kubectl create -f /etc/install-calico/custom-resources.yaml\\n\\nExecStart=/bin/sh -c 'echo \\\"witing 3m..\\\"'\\nExecStart=/bin/sleep 3m\\n#ExecStart=/bin/sh -c 'echo \\\"apply calico (calico-apiserver)...\\\"'\\n#ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico.yaml\\n#ExecStart=/bin/sh -c 'echo \\\"witing 1m...\\\"'\\n#ExecStart=/bin/sleep 1m\\nExecStart=/bin/sh -c 'echo \\\"witing calico-apiserver... (20mini max)\\\"'\\nExecStart=/opt/bin/kubectl wait deployment -n calico-apiserver calico-apiserver --for condition=Available=True --timeout=1200s\\nExecStart=/bin/sh -c 'echo \\\"witing 120s...\\\"'\\nExecStart=/bin/sleep 2m\\nExecStart=/bin/sh -c 'echo \\\"apply calico-peers...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico-peer.yaml\\nExecStart=/bin/sh -c 'echo \\\"witing 60s...\\\"'\\nExecStart=/bin/sleep 1m\\nExecStart=/bin/sh -c 'echo \\\"apply calico-ippools...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/ippools.yaml\\n\\n#ExecStart=/bin/sh -c 'echo \\\"witing for whisker..\\\"'\\n#ExecStart=/opt/bin/kubectl wait deployment -n calico-system whisker --for condition=Available=True --timeout=1200s\\n#ExecStart=/bin/sh -c 'echo \\\"port-forward -n calico-system service/whisker 8081:8081\\\"'\\n#ExecStart=/opt/bin/kubectl port-forward -n calico-system service/whisker 8081:8081\\n\\nExecStart=/usr/bin/systemctl disable install-calico.service\\n#RemainAfterExit=true\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"install-calico.service\"\n },\n {\n \"contents\": \"[Unit]\\nWants=install-calico.target\\nAfter=install-calico.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin\\nType=oneshot\\n\\nExecStart=/opt/bin/kubectl wait deployment -n kube-system coredns --for condition=Available=True --timeout=600s\\n\\nExecStart=/bin/sleep 1m\\nExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/namespace.yaml\\nExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/install.yaml\\nExecStart=/opt/bin/kubectl wait deployment -n argocd argocd-server --for condition=Available=True --timeout=600s\\n\\n#ExecStart=/bin/sleep 10s\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-bootstrap.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-apps.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/argocd.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/calico.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/rook-ceph.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/gitea.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/argocd/argocd-secret.yaml\\n##ExecStart=/bin/sleep 10m\\n#ExecStart=/opt/bin/kubectl wait deployment -n gitea gitea --for condition=Available=True --timeout=4800s\\n#ExecStart=/bin/sleep 10m\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://gitea.gitea.svc.k8aux.undercloud.cf:3000/undercloud/k8aux-apps/raw/branch/main/app-of-apps/app-of-apps.yaml\\n\\nExecStart=/usr/bin/systemctl disable install-argocd.service\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\",\n \"enabled\": true,\n \"name\": \"install-argocd.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "data", "type": "ct_config", "name": "control_plane2_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n control-plane2\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::92/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.92/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n\n - path: /etc/kubernetes/kubeadm-join.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: JoinConfiguration\n controlPlane:\n localAPIEndpoint:\n advertiseAddress: \"fd00:0:0:2::92\"\n bindPort: 6443\n certificateKey: \"fee7c3e5cfcac7e4774c6efca0464a42d897f30f7300340d6578b5cfb4a3d34b\"\n nodeRegistration:\n name: control-plane2\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::92\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n discovery:\n bootstrapToken:\n apiServerEndpoint: \"[fd00:0:0:2::100]:6443\"\n token: \"kvg1hc.t3rewovrps426rof\"\n unsafeSkipCAVerification: true\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8aux.undercloud.local\"\n clusterDNS:\n - \"2001:470:72f0:f:1::a\"\n cgroupDriver: \"systemd\" \n volumePluginDir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-join.service\n enabled: true\n contents: |\n [Unit]\n Description=Join node to Kubernetes cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n\n [Service]\n Type=oneshot\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n\n ExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\n\n # copy files for kubectl\n ExecStartPost=/usr/bin/mkdir -p /home/core/.kube\n ExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\n ExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\n \n #ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n\n [Install]\n WantedBy=multi-user.target\n", "id": "2829651611", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane2%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrSyN9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LI30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//eq4bWKsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SST2+cPBDG73wKizvgBbJsfNs3yeFtpGrVrXKpejD2sBnhtdHYppt++sqwSrOVeqq4IHjmzzPPT074AuTRWcHG2IPU53Lc+RJdNW96CLLJRrRasE8O7YOzA54iyYDOZsrZQM4cjLQgMsaMU9LsD/8/WT05tCF9Y0zqGSigh73WBN4Llg+ac5GeWoj7Ol9kPVp9cBQE27ZtkzGmUtWASgZ4hrdUBdCpBu7UoKTqoO26Vm1hUJK321a2td7dd0PDh67hvGm53t51u/5ODX0rG920fZ5Zp+ELnNCH1UFa0MozCHa1UkzJS52mEx6dGiEIFi1eRFVVFG2VdBItkP7wWnqnxowt5zMQni6B5J5OfvWfhhY4/cX27Ew8QzGZeEJbaCTB8spNoTLYwwVUlZqShQC+uva/in211laLLM80euVmoLc0tncuJJfTVzeCvQYx4RFoBnrPh+XfPu604fy7SNdfVwtLKcvH+bR5VWVoCH64mSbf1ltywyqK1ssBjiNOD/sXoDWwBaZAEbKiKLI/CTMQSrWAdAva5gra86q5ZU2+wyNEnr2CNOH1539o9f7mhzLRB6BHd5a47L6T8VJGq4GUcVGXC6O/dZ+P6TYFy2vON6LtuOjqgYtBbISQeaZO5OL0SDhDCsa/+QBnnbNsPf1hCeLxH0L7FQAA///TJ/QufgMAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n# copy files for kubectl\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "data", "type": "ct_config", "name": "control_plane3_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n control-plane3\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::93/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.93/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n\n - path: /etc/kubernetes/kubeadm-join.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: JoinConfiguration\n controlPlane:\n localAPIEndpoint:\n advertiseAddress: \"fd00:0:0:2::93\"\n bindPort: 6443\n certificateKey: \"fee7c3e5cfcac7e4774c6efca0464a42d897f30f7300340d6578b5cfb4a3d34b\"\n nodeRegistration:\n name: control-plane3\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::93\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n discovery:\n bootstrapToken:\n apiServerEndpoint: \"[fd00:0:0:2::100]:6443\"\n token: \"kvg1hc.t3rewovrps426rof\"\n unsafeSkipCAVerification: true\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8aux.undercloud.local\"\n clusterDNS:\n - \"2001:470:72f0:f:1::a\"\n cgroupDriver: \"systemd\" \n volumePluginDir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-join.service\n enabled: true\n contents: |\n [Unit]\n Description=Join node to Kubernetes cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n\n [Service]\n Type=oneshot\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n\n ExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\n\n # copy files for kubectl\n ExecStartPost=/usr/bin/mkdir -p /home/core/.kube\n ExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\n ExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\n \n #ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n\n [Install]\n WantedBy=multi-user.target\n", "id": "1645840555", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane3%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrS2N9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LY30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//Pdw6fqsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SST2+cPBDG73wKizvgXciy8W3fJIe3kapVt8ql6sHYAxnhtdHYppt++sqwSrOVeqq4IHjmzzPPT074AuTRWcHG2IHU53Lc+xJdNW86CLLORrRasE8O7YOzPQ6RZEBnM+VsIGeORloQGWPGKWkOx/+frJ4c2pC+MSb1DBTQw0FrAu8Fy3vNuUjPVoj7Ol9kHVp9dBQE2zVNnTGmUlWPSgZ4hrdUBdCqGu5Ur6RqoWnbRu2gV5I3u0Y2W72/b/ua923Ned1wvbtr992d6rtG1rpuujyzTsMXGNCH1UFa0MozCHa1UkzJyzKd8OTUCEGwaPEiqqqiaKukk2iB9IfX0js1Zmw5n4HwdAkkDzT41X8aWuD0F9uzM/EMxWTigLbQSILllZtCZbCDC6gqNSULAXx17X8V+2qtrRZZnmn0ys1Ab2ls51xILqevbgR7DWLCE9AM9J4Py7993GnD+XeRrr+uFpZSlo/zsHlVZagJfriZJt9sd+T6VRStlz2cRpweDi9Aa2ALTIEiZEVRZH8SZiCUagHpFrTNFbTnVXPLmnyHR4g8ewVpwuvP/9Dqw80PZaIPQI/uLHHZfS/jpYxWAynjoi4XRn/rPp/SbQqWbznfiKblot32XPRiI4TMMzWQi9Mj4QwpGP/mA5x1zrL19McliMd/CO1XAAAA//8qgsmcfgMAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n# copy files for kubectl\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "data", "type": "ct_config", "name": "worker1_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n worker1\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::101/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.101/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n\n - path: /etc/kubernetes/kubeadm-join.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: JoinConfiguration\n nodeRegistration:\n name: worker1\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::101\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n discovery:\n bootstrapToken:\n apiServerEndpoint: \"[fd00:0:0:2::100]:6443\"\n token: \"kvg1hc.t3rewovrps426rof\"\n unsafeSkipCAVerification: true\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8aux.undercloud.local\"\n clusterDNS:\n - \"2001:470:72f0:f:1::a\"\n cgroupDriver: \"systemd\" \n volumePluginDir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-join.service\n enabled: true\n contents: |\n [Unit]\n Description=Join node to Kubernetes cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n\n [Service]\n Type=oneshot\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n\n ExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\n \n #ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n\n [Install]\n WantedBy=multi-user.target\n", "id": "701272205", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker1%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwNDfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//u2Lr160AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bMAyF7/4Vgu627CRoC96yppcNGIZl6GXYQZFoh7AjGpTkpvv1g+0AW3YtdBHER/LpfXakV5RIHED1+YTWX6r+KVbEZmpOmOy26Cl4UJ+ZwjOHlrosNhGHIrDH79hRTOsDFEoFe0FQbyw9SlMo5YSO7HpMoHKgKxhjJAfjOCRLAcX/c60iu75Qi40B08s1id1LF+e5Ss3bShpB6dbXNcxnA9DUjV7KEw/5guU45I5C6UlAacNjMgOd8IrOzFMlYMJobgtu4mjWXrPIdOEpOp5Q3ue9J+Y0/2/8wT2G1Ykd6YgyobwEPzKFBEr/vDdV/4KH3W67WktLq9L91DVnV6Wt4BtPMsbd5kG4XUU5RNvisafxef+KQi25NVSVJGNRlmXxP6oBU+UWIvfEmhuxL6vmHpr1XjBGUBpAF2e0Qzr//kTB7+8KbsgxoRz4Ymnx/mTztcrBo7iBs68Gdnb4q/t6nLMpld7UdQO7xxoeN20NLTQAVheuE87jQWjCGUx8jwkvXqtijf7bAuLwAWh/AgAA//+YntpNxwIAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "data", "type": "ct_config", "name": "worker2_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n worker2\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::102/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.102/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n\n - path: /etc/kubernetes/kubeadm-join.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: JoinConfiguration\n nodeRegistration:\n name: worker2\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::102\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n discovery:\n bootstrapToken:\n apiServerEndpoint: \"[fd00:0:0:2::100]:6443\"\n token: \"kvg1hc.t3rewovrps426rof\"\n unsafeSkipCAVerification: true\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8aux.undercloud.local\"\n clusterDNS:\n - \"2001:470:72f0:f:1::a\"\n cgroupDriver: \"systemd\" \n volumePluginDir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-join.service\n enabled: true\n contents: |\n [Unit]\n Description=Join node to Kubernetes cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n\n [Service]\n Type=oneshot\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n\n ExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\n \n #ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n\n [Install]\n WantedBy=multi-user.target\n", "id": "43186052", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker2%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwMjfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//qDlrN60AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bPgzF7/4Ugu62bDdoC97yb3r5DxiGZehl2EGRaIewIxqU5Kb79IPtAFt2HXQRxEfy6f3sRG8okTiAGvIJrb9Uw3OsiM3cnDDZh2Kg4EH9zxReOHTUZ7GJOBSBPX7FnmLaHqBQKtgLgnpnGVDaQikndGQ3YAKVA13BGCM5GMchWQoo/o9rFdkNhVptjJher0nsXvq4zFVq2VbSBEp3vq5hOS1AU7d6Lc885guW05h7CqUnAaUNT8mMdMIrOrNMlYAJo7ktuImj2XrNKtOFp+h4RvlY9p6Y0/K/6RsPGDYndqIjyozyGvzEFBIo/f3eVP0DHne7h81aWluVHua+ObsqPQi+8yxT3LWPwt0myiHaDo8DTS/7NxTqyG2hqiQZi7Isi79RjZgqtxK5J9bciH3aNPfQrPeCMYLSALo4ox3T+ed/FPz+ruDGHBPKgS+WVu/PNl+rHDyKGzn7amRnx9+6z8clm1Lptq4b2D3V8NR2NXTQAFhduF44TwehGRcw8SMmvHitii36LyuIwz9A+xUAAP//0WjE18cCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "data", "type": "ct_config", "name": "worker3_ignition", "provider": "provider[\"registry.terraform.io/poseidon/ct\"]", "instances": [ { "schema_version": 0, "attributes": { "content": "variant: flatcar\nversion: 1.1.0\n\npasswd:\n users:\n - name: core\n ssh_authorized_keys:\n - \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n\nstorage:\n directories:\n - path: /opt/bin\n overwrite: true\n mode: 0755\n - path: /opt/cni/bin\n overwrite: true\n mode: 0755\n files:\n - path: /etc/hostname\n mode: 0644\n contents:\n inline: |\n worker3\n\n - path: /etc/systemd/network/00-eth.network\n mode: 0644\n contents:\n inline: |\n [Match]\n Name=eth*\n \n [Network]\n Address=fd00:0:0:2::103/64\n Gateway=fd00:0:0:2::3\n DNS=fd00:0:0:3::1\n Address=10.0.2.103/24\n Gateway=10.0.2.3\n DNS=10.0.3.1\n Domains=undercloud.local\n\n - path: /etc/hosts\n mode: 0644\n overwrite: true\n contents:\n inline: |\n 127.0.0.1 localhost\n ::1 localhost ip6-localhost ip6-loopback\n fd00:0:0:2::91 control-plane1.undercloud.local control-plane1\n fd00:0:0:2::92 control-plane2.undercloud.local control-plane2\n fd00:0:0:2::93 control-plane3.undercloud.local control-plane3\n fd00:0:0:2::101 worker1.undercloud.local worker1\n fd00:0:0:2::102 worker2.undercloud.local worker2\n fd00:0:0:2::103 worker3.undercloud.local worker3\n 10.0.2.91 control-plane1.undercloud.local control-plane1\n 10.0.2.92 control-plane2.undercloud.local control-plane2\n 10.0.2.93 control-plane3.undercloud.local control-plane3\n 10.0.2.101 worker1.undercloud.local worker1\n 10.0.2.102 worker2.undercloud.local worker2\n 10.0.2.103 worker3.undercloud.local worker3\n\n - path: /etc/motd\n mode: 0644\n overwrite: true\n contents:\n inline: |\n *******************************************************************\n * AUTHORIZED ACCESS ONLY *\n * *\n * This system is part of a secured infrastructure. *\n * All activities are monitored and logged. *\n * Unauthorized access or misuse is strictly prohibited and *\n * may result in disciplinary and legal action. *\n *******************************************************************\n\n --------------------------------------------------------------------------------\n kubernetes controle plane Node\n\n Manage via:\n kubectl (kubectl)\n calico (calicoctl)\n velero - backup (velero)\n argocd https://argocd-server.argocd.svc.k8aux.undercloud.cf/\n --------------------------------------------------------------------------------\n\n - path: /etc/sysctl.d/99-k8s.conf\n mode: 0644\n contents:\n inline: |\n net.ipv4.ip_forward = 1\n net.ipv6.ip_forward = 1\n net.ipv6.conf.all.forwarding = 1\n net.ipv4.conf.all.forwarding = 1\n net.bridge.bridge-nf-call-iptables = 1\n net.bridge.bridge-nf-call-ip6tables = 1\n net.netfilter.nf_conntrack_max = 1000000\n net.ipv4.conf.all.rp_filter = 0\n net.ipv6.conf.all.disable_ipv6 = 0\n vm.overcommit_memory = 1\n fs.inotify.max_user_watches = 524288\n fs.inotify.max_user_instances = 512\n kernel.panic = 10\n kernel.panic_on_oops = 1\n\n - path: /etc/flatcar/update.conf\n overwrite: true\n mode: 0420\n contents:\n inline: |\n REBOOT_STRATEGY=off\n\n - path: /opt/bin/kubeadm\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\"\n\n - path: /opt/bin/kubelet\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\"\n\n - path: /opt/bin/kubectl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\"\n\n - path: /opt/bin/calicoctl\n mode: 0755\n contents:\n source: \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\"\n\n - path: /etc/kubernetes/kubeadm-join.yaml\n mode: 0644\n contents:\n inline: |\n apiVersion: kubeadm.k8s.io/v1beta3\n kind: JoinConfiguration\n nodeRegistration:\n name: worker3\n criSocket: unix:///run/containerd/containerd.sock\n kubeletExtraArgs:\n node-ip: \"fd00:0:0:2::103\"\n volume-plugin-dir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n discovery:\n bootstrapToken:\n apiServerEndpoint: \"[fd00:0:0:2::100]:6443\"\n token: \"kvg1hc.t3rewovrps426rof\"\n unsafeSkipCAVerification: true\n ---\n apiVersion: kubelet.config.k8s.io/v1beta1\n kind: KubeletConfiguration\n address: \"::\"\n healthzBindAddress: \"::\"\n clusterDomain: \"k8aux.undercloud.local\"\n clusterDNS:\n - \"2001:470:72f0:f:1::a\"\n cgroupDriver: \"systemd\" \n volumePluginDir: \"/opt/libexec/kubernetes/kubelet-plugins/volume/exec/\"\n\nsystemd:\n units:\n - name: modules-load.service\n enabled: true\n contents: |\n [Unit]\n Description=Load necessary kernel modules\n Before=containerd.service kubeadm-init.service\n\n [Service]\n Type=oneshot\n ExecStart=/usr/bin/modprobe br_netfilter\n ExecStart=/usr/bin/modprobe overlay\n RemainAfterExit=yes\n\n [Install]\n WantedBy=multi-user.target\n\n - name: systemd-networkd-wait-online.service\n enabled: true\n\n - name: containerd.service\n enabled: true\n contents: |\n [Unit]\n Description=containerd container runtime\n After=network.target modules-load.service\n\n [Service]\n ExecStart=/usr/bin/containerd\n Restart=always\n RestartSec=5\n Delegate=yes\n KillMode=process\n OOMScoreAdjust=-999\n\n [Install]\n WantedBy=multi-user.\n\n - name: set-timezone.service\n enabled: true\n contents: |\n [Unit]\n Description=Set Timezone\n After=network-online.target\n Wants=network-online.target\n [Service]\n StandardOutput=journal+console\n StandardError=journal+console\n Type=oneshot\n Restart=on-failure\n ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\n ExecStart=/usr/bin/timedatectl set-ntp true \n [Install]\n WantedBy=kubeadm.service\n\n - name: kubelet.service\n enabled: true\n contents: |\n [Unit]\n Description=kubelet, the Kubernetes Node Agent\n Documentation=https://kubernets.io/docs/home\n Wants=network-online.target\n After=network-online.target\n [Service]\n #StandardOutput=journal+console\n #StandardError=journal+console\n #EnvironmentFile=/run/metadata/coreos\n Environment=\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\"\n Environment=\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\"\n # This is a file that \"kubeadm init\" and \"kubeadm join\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\n EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\n ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\n Restart=always\n StartLimitInterval=0\n RestartSec=10\n [Install]\n WantedBy=multi-user.target\n\n - name: kubeadm-join.service\n enabled: true\n contents: |\n [Unit]\n Description=Join node to Kubernetes cluster\n After=network-online.target containerd.service kubelet.service\n Wants=network-online.target\n\n [Service]\n Type=oneshot\n # Environment\n Environment=KUBECONFIG=/etc/kubernetes/admin.conf\n Environment=DATASTORE_TYPE=kubernetes\n Environment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\n \n ExecStartPre=/bin/sleep 30s\n\n ExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\n \n #ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\n Restart=on-failure\n RestartSec=120s\n\n [Install]\n WantedBy=multi-user.target\n", "id": "1150707983", "pretty_print": true, "rendered": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker3%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwNjfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//WQ/raK0AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bMAyF7/4Vgu627CRoC96yppcNGIZl6GXYQZFoh7AjGpTkpvv1g+0AW3YtdBHER/LpfXakV5RIHED1+YTWX6r+KVbEZmpOmOy26Cl4UJ+ZwjOHlrosNhGHIrDH79hRTOsDFEoFe0FQbyw9yrZQygkd2fWYQOVAVzDGSA7GcUiWAor/51pFdn2hFhsDppdrEruXLs5zlZq3lTSC0q2va5jPBqCpt3opTzzkC5bjkDsKpScBpQ2PyQx0wis6M0+VgAmjuS24iaNZe80i04Wn6HhCeZ/3npjT/L/xB/cYVid2pCPKhPIS/MgUEij9895U/QsedrubtbS0Kt1PXXN2VdoKvvEkY9xtHoTbVZRDtC0eexqf968o1JJbQ1VJMhZlWRb/oxowVW4hck+suRH7smruoVnvBWMEpQF0cUY7pPPvTxT8/q7ghhwTyoEvlhbvTzZfqxw8ihs4+2pgZ4e/uq/HOZtS6U1dN7B7rOFx09bQQgNgdeE64TwehCacwcT3mPDitSrW6L8tIA4fgPYnAAD//ynHHhfHAgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "snippets": null, "strict": false }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "managed", "type": "null_resource", "name": "wait_for_cp1", "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", "instances": [ { "schema_version": 0, "attributes": { "id": "1931730887386844189", "triggers": null }, "sensitive_attributes": [], "identity_schema_version": 0, "dependencies": [ "data.ct_config.control_plane1_ignition", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "null_resource", "name": "wait_for_cp3", "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", "instances": [ { "schema_version": 0, "attributes": { "id": "2521654432915739147", "triggers": null }, "sensitive_attributes": [], "identity_schema_version": 0, "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane3_ignition", "null_resource.wait_for_cp1", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane3_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.control_plane3", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_download_file", "name": "flatcar_image", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "checksum": null, "checksum_algorithm": null, "content_type": "import", "datastore_id": "cephfs", "decompression_algorithm": null, "file_name": "flatcar_production_proxmoxve_image.qcow2", "id": "cephfs:import/flatcar_production_proxmoxve_image.qcow2", "node_name": "hyper1", "overwrite": true, "overwrite_unmanaged": false, "size": 573243392, "upload_timeout": 600, "url": "http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/iso/flatcar_production_proxmoxve_image.img", "verify": true }, "sensitive_attributes": [], "identity_schema_version": 0 } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "control_plane1_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "control-plane1-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/control-plane1-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 755\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/manifests\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/install-calico\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane1%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrS0N9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LQ30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//szh4MqsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/install-calico/custom-resources.yaml\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/custom-resources.yaml\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-init.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6xSQWvbMBi961cIXXqZLTtW41S3rO2hlEFYxy5jB1n67AorkpFkN92vH7KTrGGFjTECQeD33vfe9z4x6K/gg3aW435sQKh93m9Crh2dygaiqFCvreL4wep462yru9GLqJ1FjXMxRC+GL64HGzjCOMMxvTkm/dSVzzKPlYcXN/khsNXau5YgjDFWEKTXQ5ynEgWtGE08jcdn3UVsocRoOCYFQdYp+AydTohZAGFsxR44ls5G70w2GGGhRBhLr5+c7CFyPFp94JRSP1qacEJb8OrNMw9O9gjPJgzE+0P0Yuu7ORXGaWimB45Jq4qCp9+K85ty8TY5M+4hG8zYaZsp7Tkm1A2RGt3AASRNot5ChECP+kdwoAuXzjCCjJPCbHcP91YNTtuYpgs1gY86wFYpDyG8a6LRVu2cjxyvGauQTIxWSxHhEV4TA6CWFVzLVgpZA6trJtfQSlGwNRNspTY3dVsVbV0VRcUKtb6uN821bBsmKlWxhqAsy9BfH8utGUMEf3kvx352qZ5zQEy+vU1TFsV3niIQZCG+ON9r26UtDE49jY1NXf6KLzina/ahLPIiT390xdIyAvhJS/gd3/KSc1oWm4VyU54pyoY7txd6Pt1NyEerwEvjRpXPnZCTewP+k7CiA59cweWZtAYO2f+7hiSZis3Eqfkrzq/ebcJAzOW87ctCymMhjwvmspCzLOGcoGcQJj7/+Kit2l58kEuZf9jPYn03B7lLof8hM5Kdd+Nw5/UEaW3hNUTYK4J+BgAA///wuZ+zpgQAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/calico.yaml\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calico.yaml\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\n\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"setting timezone to Europe/Berlin\\\"'\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Kubeadm Init Cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\nConditionPathExists=!/etc/kubernetes/kubelet.conf\\n\\n[Service]\\nType=oneshot\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"kubeadm-init.service started...\\\"'\\n\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\nExecStart=/bin/sh -c 'echo \\\"running kubeadm init...\\\"'\\nExecStart=/opt/bin/kubeadm init --upload-certs --config=/etc/kubernetes/kubeadm-init.yaml\\n\\n# copy files for kubectl\\nExecStart=/bin/sh -c 'echo \\\"copying files (admin.conf) to core home folder.\\\"'\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\nExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-init.service\"\n },\n {\n \"contents\": \"[Unit]\\nWants=kubeadm-init.target\\nAfter=kubeadm-init.target\\n\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nExecStart=/bin/sh -c 'echo \\\"install.calico.service started...\\\"'\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin\\nType=oneshot\\nStandardOutput=journal+console\\nStandardError=journal+console\\nExecStart=/bin/sh -c 'echo \\\"witing 30s...\\\"'\\nExecStart=/bin/sleep 30s\\nExecStart=/bin/sh -c 'echo \\\"create calico namespace...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/namespace.yaml\\nExecStart=/bin/sh -c 'echo \\\"install tigera operator...\\\"'\\nExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/operator-crds.yaml\\nExecStart=/opt/bin/kubectl create -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/tigera-operator.yaml\\nExecStart=/bin/sh -c 'echo \\\"witing 60s...\\\"'\\nExecStart=/bin/sleep 60s\\nExecStart=/bin/sh -c 'echo \\\"witing for tigera operator... (20mini max)\\\"'\\nExecStart=/opt/bin/kubectl wait deployment -n tigera-operator tigera-operator --for condition=Available=True --timeout=1200s\\nExecStart=/bin/sh -c 'echo \\\"create clico custom ressources...\\\"'\\nExecStart=/opt/bin/kubectl create -f /etc/install-calico/custom-resources.yaml\\n\\nExecStart=/bin/sh -c 'echo \\\"witing 3m..\\\"'\\nExecStart=/bin/sleep 3m\\n#ExecStart=/bin/sh -c 'echo \\\"apply calico (calico-apiserver)...\\\"'\\n#ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico.yaml\\n#ExecStart=/bin/sh -c 'echo \\\"witing 1m...\\\"'\\n#ExecStart=/bin/sleep 1m\\nExecStart=/bin/sh -c 'echo \\\"witing calico-apiserver... (20mini max)\\\"'\\nExecStart=/opt/bin/kubectl wait deployment -n calico-apiserver calico-apiserver --for condition=Available=True --timeout=1200s\\nExecStart=/bin/sh -c 'echo \\\"witing 120s...\\\"'\\nExecStart=/bin/sleep 2m\\nExecStart=/bin/sh -c 'echo \\\"apply calico-peers...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico-peer.yaml\\nExecStart=/bin/sh -c 'echo \\\"witing 60s...\\\"'\\nExecStart=/bin/sleep 1m\\nExecStart=/bin/sh -c 'echo \\\"apply calico-ippools...\\\"'\\nExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/ippools.yaml\\n\\n#ExecStart=/bin/sh -c 'echo \\\"witing for whisker..\\\"'\\n#ExecStart=/opt/bin/kubectl wait deployment -n calico-system whisker --for condition=Available=True --timeout=1200s\\n#ExecStart=/bin/sh -c 'echo \\\"port-forward -n calico-system service/whisker 8081:8081\\\"'\\n#ExecStart=/opt/bin/kubectl port-forward -n calico-system service/whisker 8081:8081\\n\\nExecStart=/usr/bin/systemctl disable install-calico.service\\n#RemainAfterExit=true\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"install-calico.service\"\n },\n {\n \"contents\": \"[Unit]\\nWants=install-calico.target\\nAfter=install-calico.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\n\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin\\nType=oneshot\\n\\nExecStart=/opt/bin/kubectl wait deployment -n kube-system coredns --for condition=Available=True --timeout=600s\\n\\nExecStart=/bin/sleep 1m\\nExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/namespace.yaml\\nExecStart=/opt/bin/kubectl apply -n argocd -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/argocd/install.yaml\\nExecStart=/opt/bin/kubectl wait deployment -n argocd argocd-server --for condition=Available=True --timeout=600s\\n\\n#ExecStart=/bin/sleep 10s\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-bootstrap.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/repos/k8aux-apps.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/argocd.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/calico.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/rook-ceph.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/apps/gitea.yaml\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://aux-balancer.undercloud.cf:3000/undercloud/k8aux-bootstrap/raw/branch/main/argocd/argocd-secret.yaml\\n##ExecStart=/bin/sleep 10m\\n#ExecStart=/opt/bin/kubectl wait deployment -n gitea gitea --for condition=Available=True --timeout=4800s\\n#ExecStart=/bin/sleep 10m\\n#ExecStart=/opt/bin/kubectl apply -n argocd -f http://gitea.gitea.svc.k8aux.undercloud.cf:3000/undercloud/k8aux-apps/raw/branch/main/app-of-apps/app-of-apps.yaml\\n\\nExecStart=/usr/bin/systemctl disable install-argocd.service\\nRestart=on-failure\\nRestartSec=120s\\n[Install]\\nWantedBy=multi-user.target\",\n \"enabled\": true,\n \"name\": \"install-argocd.service\"\n }\n ]\n }\n}", "file_name": "control-plane1-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "control_plane2_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "control-plane2-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/control-plane2-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane2%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrSyN9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LI30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//eq4bWKsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SST2+cPBDG73wKizvgBbJsfNs3yeFtpGrVrXKpejD2sBnhtdHYppt++sqwSrOVeqq4IHjmzzPPT074AuTRWcHG2IPU53Lc+RJdNW96CLLJRrRasE8O7YOzA54iyYDOZsrZQM4cjLQgMsaMU9LsD/8/WT05tCF9Y0zqGSigh73WBN4Llg+ac5GeWoj7Ol9kPVp9cBQE27ZtkzGmUtWASgZ4hrdUBdCpBu7UoKTqoO26Vm1hUJK321a2td7dd0PDh67hvGm53t51u/5ODX0rG920fZ5Zp+ELnNCH1UFa0MozCHa1UkzJS52mEx6dGiEIFi1eRFVVFG2VdBItkP7wWnqnxowt5zMQni6B5J5OfvWfhhY4/cX27Ew8QzGZeEJbaCTB8spNoTLYwwVUlZqShQC+uva/in211laLLM80euVmoLc0tncuJJfTVzeCvQYx4RFoBnrPh+XfPu604fy7SNdfVwtLKcvH+bR5VWVoCH64mSbf1ltywyqK1ssBjiNOD/sXoDWwBaZAEbKiKLI/CTMQSrWAdAva5gra86q5ZU2+wyNEnr2CNOH1539o9f7mhzLRB6BHd5a47L6T8VJGq4GUcVGXC6O/dZ+P6TYFy2vON6LtuOjqgYtBbISQeaZO5OL0SDhDCsa/+QBnnbNsPf1hCeLxH0L7FQAA///TJ/QufgMAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n# copy files for kubectl\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "file_name": "control-plane2-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane2_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "control_plane3_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "control-plane3-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/control-plane3-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,control-plane3%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrS2N9MxMu98SS1PLEShQZYy4Xv2CEiLGVlSHcBEMDPQM9Iz1LY30jhGaoIEQfmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//Pdw6fqsAAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SST2+cPBDG73wKizvgXciy8W3fJIe3kapVt8ql6sHYAxnhtdHYppt++sqwSrOVeqq4IHjmzzPPT074AuTRWcHG2IHU53Lc+xJdNW86CLLORrRasE8O7YOzPQ6RZEBnM+VsIGeORloQGWPGKWkOx/+frJ4c2pC+MSb1DBTQw0FrAu8Fy3vNuUjPVoj7Ol9kHVp9dBQE2zVNnTGmUlWPSgZ4hrdUBdCqGu5Ur6RqoWnbRu2gV5I3u0Y2W72/b/ua923Ned1wvbtr992d6rtG1rpuujyzTsMXGNCH1UFa0MozCHa1UkzJyzKd8OTUCEGwaPEiqqqiaKukk2iB9IfX0js1Zmw5n4HwdAkkDzT41X8aWuD0F9uzM/EMxWTigLbQSILllZtCZbCDC6gqNSULAXx17X8V+2qtrRZZnmn0ys1Ab2ls51xILqevbgR7DWLCE9AM9J4Py7993GnD+XeRrr+uFpZSlo/zsHlVZagJfriZJt9sd+T6VRStlz2cRpweDi9Aa2ALTIEiZEVRZH8SZiCUagHpFrTNFbTnVXPLmnyHR4g8ewVpwuvP/9Dqw80PZaIPQI/uLHHZfS/jpYxWAynjoi4XRn/rPp/SbQqWbznfiKblot32XPRiI4TMMzWQi9Mj4QwpGP/mA5x1zrL19McliMd/CO1XAAAA//8qgsmcfgMAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n# copy files for kubectl\\nExecStartPost=/usr/bin/mkdir -p /home/core/.kube\\nExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config\\nExecStartPost=/usr/bin/chown core:core /home/core/.kube/config\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "file_name": "control-plane3-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane3_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "worker1_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "worker1-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/worker1-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker1%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwNDfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//u2Lr160AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bMAyF7/4Vgu627CRoC96yppcNGIZl6GXYQZFoh7AjGpTkpvv1g+0AW3YtdBHER/LpfXakV5RIHED1+YTWX6r+KVbEZmpOmOy26Cl4UJ+ZwjOHlrosNhGHIrDH79hRTOsDFEoFe0FQbyw9SlMo5YSO7HpMoHKgKxhjJAfjOCRLAcX/c60iu75Qi40B08s1id1LF+e5Ss3bShpB6dbXNcxnA9DUjV7KEw/5guU45I5C6UlAacNjMgOd8IrOzFMlYMJobgtu4mjWXrPIdOEpOp5Q3ue9J+Y0/2/8wT2G1Ykd6YgyobwEPzKFBEr/vDdV/4KH3W67WktLq9L91DVnV6Wt4BtPMsbd5kG4XUU5RNvisafxef+KQi25NVSVJGNRlmXxP6oBU+UWIvfEmhuxL6vmHpr1XjBGUBpAF2e0Qzr//kTB7+8KbsgxoRz4Ymnx/mTztcrBo7iBs68Gdnb4q/t6nLMpld7UdQO7xxoeN20NLTQAVheuE87jQWjCGUx8jwkvXqtijf7bAuLwAWh/AgAA//+YntpNxwIAAA==\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "file_name": "worker1-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.worker1_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "worker2_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "worker2-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/worker2-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker2%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwMjfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//qDlrN60AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bPgzF7/4Ugu62bDdoC97yb3r5DxiGZehl2EGRaIewIxqU5Kb79IPtAFt2HXQRxEfy6f3sRG8okTiAGvIJrb9Uw3OsiM3cnDDZh2Kg4EH9zxReOHTUZ7GJOBSBPX7FnmLaHqBQKtgLgnpnGVDaQikndGQ3YAKVA13BGCM5GMchWQoo/o9rFdkNhVptjJher0nsXvq4zFVq2VbSBEp3vq5hOS1AU7d6Lc885guW05h7CqUnAaUNT8mMdMIrOrNMlYAJo7ktuImj2XrNKtOFp+h4RvlY9p6Y0/K/6RsPGDYndqIjyozyGvzEFBIo/f3eVP0DHne7h81aWluVHua+ObsqPQi+8yxT3LWPwt0myiHaDo8DTS/7NxTqyG2hqiQZi7Isi79RjZgqtxK5J9bciH3aNPfQrPeCMYLSALo4ox3T+ed/FPz+ruDGHBPKgS+WVu/PNl+rHDyKGzn7amRnx9+6z8clm1Lptq4b2D3V8NR2NXTQAFhduF44TwehGRcw8SMmvHitii36LyuIwz9A+xUAAP//0WjE18cCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "file_name": "worker2-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.worker2_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_file", "name": "worker3_ignition", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "content_type": "snippets", "datastore_id": "cephfs", "file_mode": null, "file_modification_date": null, "file_name": "worker3-ignition-user-data", "file_size": null, "file_tag": null, "id": "cephfs:snippets/worker3-ignition-user-data", "node_name": "hyper1", "overwrite": true, "source_file": [], "source_raw": [ { "data": "{\n \"ignition\": {\n \"config\": {\n \"replace\": {\n \"verification\": {}\n }\n },\n \"proxy\": {},\n \"security\": {\n \"tls\": {}\n },\n \"timeouts\": {},\n \"version\": \"3.4.0\"\n },\n \"kernelArguments\": {},\n \"passwd\": {\n \"users\": [\n {\n \"name\": \"core\",\n \"sshAuthorizedKeys\": [\n \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud\"\n ]\n }\n ]\n },\n \"storage\": {\n \"directories\": [\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/bin\",\n \"user\": {},\n \"mode\": 493\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/opt/cni/bin\",\n \"user\": {},\n \"mode\": 493\n }\n ],\n \"files\": [\n {\n \"group\": {},\n \"path\": \"/etc/hostname\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,worker3%0A\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/systemd/network/00-eth.network\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4r2TSxJzojl8kvMTbVNLcnQ4uKK9kstKc8vyo7lckxJKUotLrZNSzEwsAJBIysrQwNjfTMTLvfEktTyxEoUKWMuF79ghIixlZUh3AhDAz0DPSM9kG4jhG6oKEQjmGOsZ8jlkp+bmJlXbFual5JalJyTX5qil5OfnJjDBQgAAP//WQ/raK0AAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/hosts\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/5TRYcqDMAwG4P+eIhewNAl8H/Y2rjo2LEY6Zdcf3arQMgnTX83bB8obpH9jjTUIAEF8H27yWBvn0vnzHVO4L39tfZLl0vupuQ7WuvSTcx2Cl3mNEtol9POIZpuHMfog22DevspLTWVKiqZSc5myornQaBGeEqcxfnlzDipAeU5ngCrAec5ngBtMCyHTpR382OROqaZ6jTvlmuodZprq0/s7LhPo3R2XGfTeXgEAAP//kbvS+8wCAAA=\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/motd\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6yRwYobMQyG7/MUOmYX4lzL3sJ2oYV2A01yaG+KrMyIeOxBkodOn74kk0MPaSg0/8WWkD4+4+f/T/MMf8l6v/u0+fb5x9tHWL++vm23sHn/8v3G4B3GP+fC2HViYJM59yAGA6pDOQKCMVXlCJKPiuZayatyuMVYpwRILqO4sAEqQ1+yeDnvY46QSttyDPc89hmrd0Xl13mHiM2gKPRi1fhsZq5CniYYtHRyEL+y/2D0OIGy1eQgGaIYyZAko06zBbc4i5Ycbns84G+b5YPTnOqBNbOzAZXsWhLDkDAzvJfITfMVM7YMo+DLZZY8weJ6eWoIk1CBxXxeWiMn1gJLOCCd6gCLufHUoLaFInTug72sVnO5NNaRNcxVsJHC6QPWn6HmyEqp1BjouHr8u38HAAD//04R3qpqAwAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"path\": \"/etc/sysctl.d/99-k8s.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/4zQX27CMAwG8HdO0QsQASqIF85imdRhFokdOVmB20/duu6PMo3vJVL0i+wvQtVxHnvHGYLaDW3ofufUbVezOzztvEpwGKObNcul4fpn3Nl4uNB8rCWsPca45lzxHKn87w4z/HRCNXCsZE4CeBWphv4KCe/L3M17Gltaho+331pvGq0HLtNQmG6/3JicjmReU+IKiZLao/WLoTgWrRweLuEdXgsZ3LD6l6nu4va7fnc8NjFLqSh+4aduv92trmRC0WUU9t0fmcr/gKACqrm09nwLAAD//0919F4+AgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n },\n {\n \"group\": {},\n \"overwrite\": true,\n \"path\": \"/etc/flatcar/update.conf\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"\",\n \"source\": \"data:,REBOOT_STRATEGY%3Doff%0A\",\n \"verification\": {}\n },\n \"mode\": 272\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubeadm\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubelet\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/kubectl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/opt/bin/calicoctl\",\n \"user\": {},\n \"contents\": {\n \"source\": \"http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl\",\n \"verification\": {}\n },\n \"mode\": 493\n },\n {\n \"group\": {},\n \"path\": \"/etc/kubernetes/kubeadm-join.yaml\",\n \"user\": {},\n \"contents\": {\n \"compression\": \"gzip\",\n \"source\": \"data:;base64,H4sIAAAAAAAC/6SRQW/bMAyF7/4Vgu627CRoC96yppcNGIZl6GXYQZFoh7AjGpTkpvv1g+0AW3YtdBHER/LpfXakV5RIHED1+YTWX6r+KVbEZmpOmOy26Cl4UJ+ZwjOHlrosNhGHIrDH79hRTOsDFEoFe0FQbyw9yrZQygkd2fWYQOVAVzDGSA7GcUiWAor/51pFdn2hFhsDppdrEruXLs5zlZq3lTSC0q2va5jPBqCpt3opTzzkC5bjkDsKpScBpQ2PyQx0wis6M0+VgAmjuS24iaNZe80i04Wn6HhCeZ/3npjT/L/xB/cYVid2pCPKhPIS/MgUEij9895U/QsedrubtbS0Kt1PXXN2VdoKvvEkY9xtHoTbVZRDtC0eexqf968o1JJbQ1VJMhZlWRb/oxowVW4hck+suRH7smruoVnvBWMEpQF0cUY7pPPvTxT8/q7ghhwTyoEvlhbvTzZfqxw8ihs4+2pgZ4e/uq/HOZtS6U1dN7B7rOFx09bQQgNgdeE64TwehCacwcT3mPDitSrW6L8tIA4fgPYnAAD//ynHHhfHAgAA\",\n \"verification\": {}\n },\n \"mode\": 420\n }\n ]\n },\n \"systemd\": {\n \"units\": [\n {\n \"contents\": \"[Unit]\\nDescription=Load necessary kernel modules\\nBefore=containerd.service kubeadm-init.service\\n\\n[Service]\\nType=oneshot\\nExecStart=/usr/bin/modprobe br_netfilter\\nExecStart=/usr/bin/modprobe overlay\\nRemainAfterExit=yes\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"modules-load.service\"\n },\n {\n \"enabled\": true,\n \"name\": \"systemd-networkd-wait-online.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=containerd container runtime\\nAfter=network.target modules-load.service\\n\\n[Service]\\nExecStart=/usr/bin/containerd\\nRestart=always\\nRestartSec=5\\nDelegate=yes\\nKillMode=process\\nOOMScoreAdjust=-999\\n\\n[Install]\\nWantedBy=multi-user.\\n\",\n \"enabled\": true,\n \"name\": \"containerd.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Set Timezone\\nAfter=network-online.target\\nWants=network-online.target\\n[Service]\\nStandardOutput=journal+console\\nStandardError=journal+console\\nType=oneshot\\nRestart=on-failure\\nExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin\\nExecStart=/usr/bin/timedatectl set-ntp true \\n[Install]\\nWantedBy=kubeadm.service\\n\",\n \"enabled\": true,\n \"name\": \"set-timezone.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=kubelet, the Kubernetes Node Agent\\nDocumentation=https://kubernets.io/docs/home\\nWants=network-online.target\\nAfter=network-online.target\\n[Service]\\n#StandardOutput=journal+console\\n#StandardError=journal+console\\n#EnvironmentFile=/run/metadata/coreos\\nEnvironment=\\\"KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf\\\"\\nEnvironment=\\\"KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml\\\"\\n# This is a file that \\\"kubeadm init\\\" and \\\"kubeadm join\\\" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically\\nEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env\\nExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS\\nRestart=always\\nStartLimitInterval=0\\nRestartSec=10\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubelet.service\"\n },\n {\n \"contents\": \"[Unit]\\nDescription=Join node to Kubernetes cluster\\nAfter=network-online.target containerd.service kubelet.service\\nWants=network-online.target\\n\\n[Service]\\nType=oneshot\\n# Environment\\nEnvironment=KUBECONFIG=/etc/kubernetes/admin.conf\\nEnvironment=DATASTORE_TYPE=kubernetes\\nEnvironment=PATH=/usr/bin/:/usr/sbin:/opt/bin:/opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent-uds/\\n\\nExecStartPre=/bin/sleep 30s\\n\\nExecStart=/opt/bin/kubeadm join --config=/etc/kubernetes/kubeadm-join.yaml\\n\\n#ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service\\nRestart=on-failure\\nRestartSec=120s\\n\\n[Install]\\nWantedBy=multi-user.target\\n\",\n \"enabled\": true,\n \"name\": \"kubeadm-join.service\"\n }\n ]\n }\n}", "file_name": "worker3-ignition-user-data", "resize": 0 } ], "timeout_upload": 1800 }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.worker3_ignition" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "control_plane1", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes control-plane1", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "104", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/control-plane1-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:F5:72:1C" ], "machine": null, "memory": [ { "dedicated": 4098, "floating": 4098, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "control-plane1", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:F5:72:1C", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper1", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "control-plane", "flatcar", "kubernetes", "terraform" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 104, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "control_plane2", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes control-plane2", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "105", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/control-plane2-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:82:79:6A" ], "machine": null, "memory": [ { "dedicated": 3072, "floating": 3072, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "control-plane2", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:82:79:6A", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper2", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "control-plane", "flatcar", "kubernetes", "terraform" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 105, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane2_ignition", "null_resource.wait_for_cp1", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane2_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "control_plane3", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes control-plane3", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "106", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/control-plane3-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:20:21:56" ], "machine": null, "memory": [ { "dedicated": 3072, "floating": 3072, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "control-plane3", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:20:21:56", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper3", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "control-plane", "flatcar", "kubernetes", "terraform" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 106, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane3_ignition", "null_resource.wait_for_cp1", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane3_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "flatcar_template", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": [ "scsi0", "ide2" ], "cdrom": [], "clone": [], "cpu": [ { "affinity": "", "architecture": "", "cores": 1, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "managed by terraform - base template for flatcar", "disk": [ { "aio": "io_uring", "backup": true, "cache": "none", "datastore_id": "Pool1", "discard": "on", "file_format": "raw", "file_id": "", "import_from": "cephfs:import/flatcar_production_proxmoxve_image.qcow2", "interface": "virtio0", "iothread": false, "path_in_datastore": "vm-103-disk-0", "replicate": true, "serial": "", "size": 10, "speed": [], "ssd": false } ], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "103", "initialization": [ { "datastore_id": "Pool1", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": "", "mac_addresses": [ "BC:24:11:39:25:01" ], "machine": "", "memory": [ { "dedicated": 2048, "floating": 2048, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "flatcar-template", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:39:25:01", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper1", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": null, "startup": [], "stop_on_destroy": true, "tablet_device": true, "tags": [ "flatcar", "kubernetes", "terraform" ], "template": true, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 103, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "proxmox_virtual_environment_download_file.flatcar_image" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "worker1", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes worker1", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "109", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/worker1-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:31:50:0B" ], "machine": null, "memory": [ { "dedicated": 8192, "floating": 8192, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "worker1", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:31:50:0B", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper1", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "flatcar", "kubernetes", "terraform", "worker" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 109, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane3_ignition", "data.ct_config.worker1_ignition", "null_resource.wait_for_cp1", "null_resource.wait_for_cp3", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane3_ignition", "proxmox_virtual_environment_file.worker1_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.control_plane3", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "worker2", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes worker2", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "107", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/worker2-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:C5:AC:58" ], "machine": null, "memory": [ { "dedicated": 8192, "floating": 8192, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "worker2", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:C5:AC:58", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper2", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "flatcar", "kubernetes", "terraform", "worker" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 107, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane3_ignition", "data.ct_config.worker2_ignition", "null_resource.wait_for_cp1", "null_resource.wait_for_cp3", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane3_ignition", "proxmox_virtual_environment_file.worker2_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.control_plane3", "proxmox_virtual_environment_vm.flatcar_template" ] } ] }, { "mode": "managed", "type": "proxmox_virtual_environment_vm", "name": "worker3", "provider": "provider[\"registry.terraform.io/bpg/proxmox\"]", "instances": [ { "schema_version": 0, "attributes": { "acpi": true, "agent": [], "amd_sev": [], "audio_device": [], "bios": "seabios", "boot_order": null, "cdrom": [], "clone": [ { "datastore_id": "", "full": true, "node_name": "hyper1", "retries": 1, "vm_id": 103 } ], "cpu": [ { "affinity": "", "architecture": "", "cores": 2, "flags": null, "hotplugged": 0, "limit": 0, "numa": false, "sockets": 1, "type": "qemu64", "units": 1024 } ], "description": "kubernetes worker3", "disk": [], "efi_disk": [], "hook_script_file_id": null, "hostpci": [], "id": "108", "initialization": [ { "datastore_id": "local-lvm", "dns": [], "interface": "ide2", "ip_config": [], "meta_data_file_id": "", "network_data_file_id": "", "type": "", "user_account": [], "user_data_file_id": "cephfs:snippets/worker3-ignition-user-data", "vendor_data_file_id": "" } ], "ipv4_addresses": [], "ipv6_addresses": [], "keyboard_layout": "en-us", "kvm_arguments": null, "mac_addresses": [ "BC:24:11:87:3C:6A" ], "machine": null, "memory": [ { "dedicated": 8192, "floating": 8192, "hugepages": "", "keep_hugepages": false, "shared": 0 } ], "migrate": false, "name": "worker3", "network_device": [ { "bridge": "vmbr0", "disconnected": false, "enabled": true, "firewall": false, "mac_address": "BC:24:11:87:3C:6A", "model": "virtio", "mtu": 0, "queues": 0, "rate_limit": 0, "trunks": "", "vlan_id": 0 } ], "network_interface_names": [], "node_name": "hyper3", "numa": [], "on_boot": true, "operating_system": [], "pool_id": null, "protection": false, "reboot": false, "reboot_after_update": true, "rng": [], "scsi_hardware": "virtio-scsi-pci", "serial_device": [], "smbios": [], "started": true, "startup": [], "stop_on_destroy": false, "tablet_device": true, "tags": [ "flatcar", "kubernetes", "terraform", "worker" ], "template": false, "timeout_clone": 1800, "timeout_create": 1800, "timeout_migrate": 1800, "timeout_move_disk": 1800, "timeout_reboot": 1800, "timeout_shutdown_vm": 1800, "timeout_start_vm": 1800, "timeout_stop_vm": 300, "tpm_state": [], "usb": [], "vga": [], "virtiofs": [], "vm_id": 108, "watchdog": [] }, "sensitive_attributes": [], "identity_schema_version": 0, "private": "bnVsbA==", "dependencies": [ "data.ct_config.control_plane1_ignition", "data.ct_config.control_plane3_ignition", "data.ct_config.worker3_ignition", "null_resource.wait_for_cp1", "null_resource.wait_for_cp3", "proxmox_virtual_environment_download_file.flatcar_image", "proxmox_virtual_environment_file.control_plane1_ignition", "proxmox_virtual_environment_file.control_plane3_ignition", "proxmox_virtual_environment_file.worker3_ignition", "proxmox_virtual_environment_vm.control_plane1", "proxmox_virtual_environment_vm.control_plane3", "proxmox_virtual_environment_vm.flatcar_template" ] } ] } ], "check_results": null }